RELEVANT
NEWS

News sources and stories related to cybersecurity and the Coronavirus pandemic.

WORK FROM HOME.

The following is a list of curated resources aimed at helping cybersecurity professionals adapt to a remote workforce. As always, if you know of a resource we should add, let us know

SANS Institute
Center for Internet Security

The Center for Internet Security, Inc. (CIS) published the CIS Controls Telework and Small Office Network Security Guide to help combat security concerns affecting network equipment meant for personal or home office use. The following are high impact actions that can be taken by employees to immediately improve the security of their home networks.

Protecting against Cybersecurity Threats when Working from Home

FREE CYBERSECURITY TOOLS.

The following is a list of free cybersecurity tools to help secure a remote workforce. As always, if you know of a resource we should add, let us know

Tool Category

OPEN SOURCE.

Tool Name

Description of tool and why it is useful to help organizations right now.

FREE FOR NOW.

The following are open source cybersecurity tools to help secure a remote workforce. As always, if you know of a resource we should add, let us know

Tool Name

Tool Category

Description of tool and why it is useful to help organizations right now.

The following are commercial tools that are being offered free for now under certain conditions. As always, if you know of a resource we should add, let us know

CYBERSECURITYNEWS.

The following is a list of news sources and stories related to cybersecurity and the Coronavirus pandemic. As always, if you know of a resource we should add, let us know

'Vaccines' Containing Blood of Recovered #COVID19 Patients for Sale on Dark Web

The nonsense vaccines were among a crock of utter dog wings spotted for sale on the dark web by researchers from the Australian National University's Cybercrime Observatory.

Written By

Sarah Coble

From

InfoSecurity

Added

Belfast Police Warn of Cybercrime Surge

A senior police officer said businesses had experienced a "surge" in cyber-attacks since the outbreak of the novel coronavirus

Written By

Sarah Coble

From

InfoSecurity

Added

The First Responders of Coronavirus-Related Cybercrime

While hospitals struggle to keep pace with a global pandemic, the number of ransomware attacks targeting organizations critical to virus response has also increased.

Written By

Justin Fier

From

Security Week

Added

Hackers target remote workers with fake Zoom downloader

Cyber attackers have bundled a version of the popular video conferencing software alongside a backdoor.

Written By

Danny Palmer

From

ZDNet

Added

Nation-state actors are targeting UK universities to steal info on COVID-19 research

The UK’s National Cyber Security Centre (NCSC) warned of targeted attacks against UK universities and scientific facilities that are involved in the COVID-19 research.

Written By

Pierluigi Paganini

From

Security Affairs

Added

Most Malicious Coronavirus-Related Domains Located in U.S.

The United States has the highest number of malicious domains with names associated with the current coronavirus crisis, a new report reveals.

Written By

Ionut Arghire

From

Security Week

Added

COVID-19 attack campaigns target hardest hit regions, research shows

Attackers shift their focus to where coronavirus infections are rising and use tactics that make their efforts hard to block.

Written By

Lucian Constantin

From

CSO

Added

Coronavirus pandemic coincides with spike in online puppy scams

The Better Business Bureau (BBB) last week raised the alarm on what it says is a spike in online puppy scams it’s seeing now that the pandemic has so many people stuck at home, wistfully imagining that it’s the perfect time to train and bond with a little fluff ball.

Written By

Lisa Vaas

From

Naked Security

Added

The Impact of COVID-19 On Global Cybersecurity Sector is Severe: Research

A recent survey revealed that the impact of COVID-19 on the global cybersecurity market size is expected to grow from $183.2 billion in 2019 to $230.0 billion by 2021, exhibiting a CAGR of 12% during the forecast period.

Written By

CISO Mag

From

CISO Mag

Added

#COVID19 Outbreak Sees Surge in Device Security Violations

New data from Absolute has revealed the extent to which heavy device usage has grown across enterprise and education due to the COVID-19 pandemic, whilst also highlighting the rise in security violations and risks as a result.

Written By

Michael Hill

From

InfoSecurity

Added

Coronavirus Threat Campaigns Wind Down on Weekends

Cyber-threats related to the widespread outbreak of COVID-19 chiefly strike during the working week, according to new research.

Written By

Sarah Coble

From

InfoSecurity

Added

EU Demands End to Coronavirus Cyberattacks

The European Union on Thursday accused unnamed parties of exploiting the coronavirus pandemic to launch cyberattacks on infrastructure and healthcare services.

Written By

AFP

From

Security Week

Added

COVID-19 Lockdown Fuels Increase in RDP Attacks

The number of attacks abusing the remote desktop protocol (RDP) to compromise corporate environments has increased significantly over the past couple of months, Kaspersky reports.

Written By

Ionut Arghire

From

Security Week

Added

Hospitals Deliberately Targeted by Ransomware During #COVID19 Peak

Despite promises from some ransomware groups to avoid targeting healthcare organizations (HCOs) during the COVID-19 crisis, multiple campaigns decided to activate in early April after months of planning, according to Microsoft.

Written By

Phil Muncaster

From

InfoSecurity

Added

#COVID19 Drives Network Security Disruption for Global Firms

Nearly two-thirds (64%) of global firms have experienced network security disruption due to the sudden recent shift to home working, with some predicting a major surge in data breaches, according to new reports out this week.

Written By

Phil Muncaster

From

InfoSecurity

Added

Malicious advertising takes advantage of Coronavirus pandemic

Malvertisers have stepped up their efforts to exploit potential victims during the ongoing Covid-19 pandemic.

Written By

Sophie Dowdell

From

IT Security Guru

Added

The Covid-19 Pandemic Reveals Ransomware's Long Game

Hackers laid the groundwork months ago for attacks. Now they're flipping the switch.

Written By

Lily Hay Newman

From

Wired

Added

Third-party compliance risk could become a bigger problem

Since the onset of COVID-19, more than half of legal and compliance leaders believe that cybersecurity and data breach is the most-increased third-party risk their organizations face, according to Gartner.

Written By

HelpNet Security

From

HelpNet Security

Added

Chinese COVID-19 detection firm hacked; source code sold on dark web

The IT security researchers at Cyble have identified hackers who have allegedly hacked Huiying Medical, a Chinese company with a worldwide presence.

Written By

Sudais Asif

From

HackRead

Added

65% of COVID-19 Phishing Campaigns Spread Spyware: Research

Singapore-based cybersecurity company Group-IB’s Computer Emergency Response Team (CERT-GIB) analyzed hundreds of Coronavirus-related phishing emails between February 13 and April 1, 2020. Researchers found that spyware was the most common malware class (65%) hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains.

Written By

CISO Mag

From

CISO Mag

Added

Trickbot Named Most Prolific #COVID19 Malware

Notorious malware Trickbot has been linked to more COVID-19 phishing emails than any other, according to new data from Microsoft.

Written By

Phil Muncaster

From

InfoSecurity

Added

Ministry of Defence lowers supplier infosec standards thanks to COVID-19 outbreak

Security standards for defence contractors have been lowered thanks to the coronavirus outbreak, the Ministry of Defence has told its suppliers.

Written By

Gareth Corfield

From

The Register

Added

COVID-Themed Phishing Messages Fill Phishing Filters on Gmail

In the past week, Google says it identified more than 18 million daily phishing messages featuring coronavirus themes.

Written By

Staff

From

DarkReading

Added

Remote Working Could Be the Norm After #COVID19

Mass remote working in the US could be here to stay after Covid-19 has receded, according to a new report from Gartner, raising ongoing security concerns.

Written By

Phil Muncaster

From

InfoSecurity

Added

NCSC and CISA Release Joint Advisory on COVID-19 Cyberthreats and Malicious Groups

Cybersecurity officials in the U.K. National Cyber Security Centre (NCSC), the U.S. Department of Homeland Security (DHS), and the Cybersecurity and Infrastructure Agency (CISA) stated that cybercriminals and advanced persistent threat (APT) groups are targeting individuals and organizations with a variety of ransomware and malware attacks, thereby exploiting the COVID-19 outbreak for their personal gain.

Written By

Ciso Mag

From

Ciso Mag

Added

US consumers report $12M in COVID-19 scam losses since January

The U.S. Federal Trade Commission says that approximately $12 million were lost to Coronavirus-related scams according to consumer reports received since January 2020.

Written By

Sergiu Gatlan

From

Bleeping Computer

Added

Shadow IT Represents Major #COVID19 Home Working Threat

Rising threat levels and remote working challenges stemming from the COVID-19 pandemic are putting increased pressure on IT security professionals, according to new data from Check Point.

Written By

Phil Muncaster

From

Infosecurity

Added

How one healthcare CISO is navigating the COVID-19 crisis

Security is in an “all hands on deck” situation at the healthcare organization as it pivots to a mostly remote working organization.

Written By

Dan Swinhoe

From

CSO

Added

How to protect yourself from coronavirus phishing threats

The worst disease of the century brings out the worst in people as phishing attacks increase to unprecedented levels. Here's how to spot and avoid COVID-19 phishing attacks.

Written By

Steven J. Vaughan-Nichols

From

InsiderPro

Added

NASA sees an “exponential” jump in malware attacks as personnel work from home

NASA has experienced an exponential increase in malware attacks and a doubling of agency devices trying to access malicious sites in the past few days as personnel work from home, the space agency’s Office of the Chief Information Officer said on Monday.

Written By

Dan Goodin

From

ArsTechnica

Added

FBI Releases Guidance on Defending Against VTC Hijacking and Zoom-bombing

The Federal Bureau of Investigation (FBI) has released an article on defending against video-teleconferencing (VTC) hijacking (referred to as “Zoom-bombing” when attacks are to the Zoom VTC platform).

Written By

CISA

From

CISA

Added

Ransomware strikes biotech firm researching possible COVID-19 treatments

As the COVID-19 pandemic was spreading through the U.S. last month, hackers struck a California-based biotechnology company which makes tools that researchers are using to learn about the coronavirus.

Written By

Jeff Stone

From

Cyberscoop

Added

Vulnerable VPN appliances at healthcare organizations open doors for ransomware gangs

The increased enterprise VPN use due to the COVID-19 pandemic and the work-from-home (WFH) shift has not gone unnoticed by ransomware gangs, Microsoft warns.

Written By

Zeljka Zorz

From

HelpNetSecurity

Added

‘War Dialing’ Tool Exposes Zoom’s Password Problems

According to data gathered by a new automated Zoom meeting discovery tool dubbed “zWarDial,” a crazy number of meetings at major corporations are not being protected by a password.

Written By

Brian Krebs

From

Krebs

Added

Coronavirus: Hackers are now launching dozens of email scams each day

Waves of phishing and malware attacks try to take advantage of working from home and worries about COVID-19.

Written By

Steve Ranger

From

ZDNet

Added

Cyber criminals are trying to exploit Zoom's popularity to promote their phishing scams

Crooks are trying to add some credibility to their phishing attacks by referencing the popular video-conferencing tool.

Written By

Danny Palmer

From

ZDNet

Added

In COVID-19 Scam Scramble, Cybercrooks Recycle Phishing Kits

Old phishing kits are being pressed into service to keep up with the unprecedented volume of new scams that exploit the pandemic.

Written By

Tara Seals

From

ThreatPost

Added

FBI Warns of Attacks on Remote Work, Distance Learning Platforms

FBI's Internet Crime Complaint Center (IC3) issued a public service announcement today about the risk of attacks exploiting the increased usage of online communication platforms for remote working and distance learning caused by the SARS-CoV-2 pandemic.

Written By

Sergiu Gatlan

From

BleepingComputer

Added

IRONSCALES Themis™ Emerges as World’s First Fully Autonomous AI Email Security Analyst

Built on artificial intelligence, “The Driver-Less Car” of anti-phishing technology has become so accurate that it can now classify and remove phishing threats with no human involvement

Written By

IRONSCALES

From

IRONSCALES

Added

Hackers ‘without conscience’ demand ransom from dozens of hospitals and labs working on coronavirus

When hackers broke into computers at Hammersmith Medicines Research, a London-based company that carries out clinical trials for new medicines, it was a nightmare scenario for managing director Malcolm Boyce.

Written By

Ryan Gallagher

From

Fortune

Added

Criminal Hackers Use Official-Looking Coronavirus Forms to Spread Malware, Steal Passwords

Security experts are tracking a range of new threats incidentally linked to the coronavirus that’s killed no fewer than 44,216 people worldwide. Where most see despair, some cyber criminals see opportunity.

Written By

Dell Cameron

From

Gizmodo

Added

Microsoft is Alerting Hospitals Vulnerable to Ransomware Attacks

Microsoft has started to send targeted notifications to dozens of hospitals about vulnerable public-facing VPN devices and gateways located on their network.

Written By

Lawrence Abrams

From

Bleeping Computer

Added

The SOC Emergency Room Faces Malware Pandemic

To keep users and networks healthy and secure, security teams need to mimic countries that have taken on COVID-19 with a rapid, disciplined approach.

Written By

Avi Chesla

From

DarkReading

Added

Cyber-Attacks Up 37% Over Past Month as #COVID19 Bites

Online threats have risen by as much as six-times their usual levels over the past four weeks as the COVID-19 pandemic provides new ballast for cyber-attacks, according to Cloudflare.

Written By

Phil Muncaster

From

Infosecurity Magazine

Added

Coronavirus: Microsoft directly warns hospitals, 'Fix your vulnerable VPN appliances'

Microsoft issues its first-ever targeted ransomware alert to hospitals over their vulnerable VPN appliances.

Written By

Liam Tung

From

ZDNet

Added

Limited-Time Free Offers to Secure the Enterprise Amid COVID-19

These products and services could be of immediate help to infosec pros now protecting their organizations while working from home.

Written By

Curtis Franklin Jr.

From

DarkReading

Added

CybersecurityCares Lists Free Tools During Coronavirus

Nathan Burke, CMO at cybersecurity asset management startup Axonius, wrote a blog post at about 4 a.m. a couple weekends ago, and its title captures the current mood: Things will be weird in cybersecurity for a while.

Written By

Jessica Lyons Hardcastle

From

SDX Central

Added

International Cybersecurity Experts Come Together to Fight COVID-19 Related Cyberthreats

In order to address rising cyberthreats globally, an international group of 400 cybersecurity professionals has come together to combat these cyberattacks. The group, named “COVID-19 CTI League (for cyber threat intelligence), consists of members from more than 40 countries and includes security leaders from major organizations like Microsoft and Amazon.

Written By

CISOMag

From

CISO Mag

Added

Distributed disruption: Coronavirus multiplies the risk of severe cyberattacks

Distributed disruption: Coronavirus multiplies the risk of severe cyberattacks

Written By

Marc Wilczek

From

HelpNetSecurity

Added

COVID-19: Hackers Begin Exploiting Zoom's Overnight Success to Spread Malware

As people increasingly work from home and online communication platforms such as Zoom explode in popularity in the wake of coronavirus outbreak, cybercriminals are taking advantage of the spike in usage by registering new fake "Zoom" domains and malicious "Zoom" executable files in an attempt to trick people into downloading malware on their devices.

Written By

Ravie Lakshmanan

From

The Hacker News

Added